如何在 Web 表单和 MVC2 应用程序之间共享基于 .net (C#) 的经过身份验证的会话? [英] How can I share .net (C#) based authenticated session between web forms and MVC2 applications?

问题描述

我们在业余时间使用当时可用的最新 mvc3 和实体框架 .net 库构建了一个小型应用程序，并对其进行了部署.管理层喜欢它，他们希望将它集成到一个沉重的遗留 .net 3.5 Web 表单应用程序中.

我需要以某种方式在两个应用程序中使用相同的身份验证会话.我使用相同的数据库和应用程序使用 .net 成员资格和配置文件提供程序进行身份验证.这工作正常，但用户必须单独登录到 MVC 应用程序，即使他们已经登录主应用程序.我愿意接受任何建议:在不同级别启用状态会话，或共享cookies等

绕过此登录要求的最佳方法是什么，我是否应该将 mvc 应用程序集成到 webforms 中或将其保留为独立应用程序?我主要担心影响决策的主要是完成集成所需的时间，以及应用程序的后期维护.

解决方案

首先，一个应用程序是 ASP.NET MVC 的事实在这里没有区别:)

其次，以下是 MSDN 中的一个示例:

http://msdn.microsoft.com/en-us/library/eb0zx8fc.aspx

来自该页面的小片段:

<预><代码><配置><system.web><认证模式=表单"><!-- 名称、保护和路径属性必须匹配正好在每个 Web.config 文件中.--><表单 loginUrl="login.aspx"名称=".ASPXFORMSAUTH"保护=全部"路径=/"域=contoso.com"超时=30"/></认证><!-- 验证和解密密钥必须完全匹配并且不能设置为自动生成".验证和解密算法也必须相同.--><机器密钥验证密钥=C50B3C89CB21F4F1422FF158A5B42D0E8DB8CB5CDA1742572A487D9401E3400267682B202B746511891C1BAF47F8D25C09ADBE16C6C16C16C07F6C16C36C16C57C36C36C00000C57C63C487C34000267687C36C57C36C16C57C487C3解密密钥=8A9BE8FD67AF6979E7D20198CFEA50DD3D3799C77AF2B72F"验证="SHA1"/></system.web></配置>

.

附言

StriplingWarrior 对合并两个应用程序的建议虽然不是真正必需的，但可能对未来的集成非常有用.无论如何，您以后可能会这样做.

We have a small application we built in our spare time using the latest mvc3 and Entity Framework .net libraries available at the time, and deployed it. The management liked it, and they want it integrated into a heavy legacy .net 3.5 web forms application.

I need to somehow use the same authentication sessions across the two applications. I am using the same DB and Application for authentication using the .net membership and profile providers. This works fine, but users have to login separately into the MVC app even when they are already signed in for the main application. I am open to any suggestions: enabling state session at a different level, or shared cookies, etc

What is the best way to bypass this login requirement and whether I should integrate the mvc application into the webforms or keep it as an independent application? My main concerns affecting the decision would be time taken for complete integration, and later maintenance of the applications.

解决方案

First, the fact one application is ASP.NET MVC does make no difference here :)

Second, here is one example of what to do from MSDN:

http://msdn.microsoft.com/en-us/library/eb0zx8fc.aspx

Small snippet from that page:

<configuration>
  <system.web>
    <authentication mode="Forms" >
      <!-- The name, protection, and path attributes must match 
           exactly in each Web.config file. -->
      <forms loginUrl="login.aspx"
        name=".ASPXFORMSAUTH" 
        protection="All"  
        path="/" 
        domain="contoso.com" 
        timeout="30" />
    </authentication>

    <!-- Validation and decryption keys must exactly match and cannot
         be set to "AutoGenerate". The validation and decryption
         algorithms must also be the same. -->
    <machineKey
      validationKey="C50B3C89CB21F4F1422FF158A5B42D0E8DB8CB5CDA1742572A487D9401E3400267682B202B746511891C1BAF47F8D25C07F6C39A104696DB51F17C529AD3CABE" 
      decryptionKey="8A9BE8FD67AF6979E7D20198CFEA50DD3D3799C77AF2B72F" 
      validation="SHA1" />
  </system.web>
</configuration>

.

P.S.

StriplingWarrior's advice of merging both applications although not really required but may be very useful for future integrations. You may later end up doing it anyway.

这篇关于如何在 Web 表单和 MVC2 应用程序之间共享基于 .net (C#) 的经过身份验证的会话?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！